From: mcr Date: Mon, 5 Apr 2004 00:15:50 +0000 (+0000) Subject: print-esp has been "NDO"-ized. X-Git-Tag: tcpdump-3.9.1~401 X-Git-Url: https://git.tcpdump.org/tcpdump/commitdiff_plain/6bb10ee1e5d9beca128f30b75003052a853a87eb print-esp has been "NDO"-ized. replace error() and warning() with ndo-ized version. moved snaplen/snapend to ndo structure. --- diff --git a/interface.h b/interface.h index ca3e69b5..5905a691 100644 --- a/interface.h +++ b/interface.h @@ -18,7 +18,7 @@ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. * - * @(#) $Header: /tcpdump/master/tcpdump/interface.h,v 1.226 2004-03-30 14:42:40 mcr Exp $ (LBL) + * @(#) $Header: /tcpdump/master/tcpdump/interface.h,v 1.227 2004-04-05 00:15:50 mcr Exp $ (LBL) */ #ifndef tcpdump_interface_h @@ -108,10 +108,6 @@ extern char *program_name; /* used to generate self-identifying messages */ extern int32_t thiszone; /* seconds offset from gmt to local time */ -extern int snaplen; -/* global pointer to end of current packet (during printing) */ -extern const u_char *snapend; - /* * True if "l" bytes of "var" were captured. * @@ -257,7 +253,6 @@ extern void timed_print(const u_char *); extern void udp_print(const u_char *, u_int, const u_char *, int); extern void wb_print(const void *, u_int); extern int ah_print(register const u_char *); -extern int esp_print(register const u_char *, register const u_char *, int *, int *); extern void isakmp_print(const u_char *, u_int, const u_char *); extern int ipcomp_print(register const u_char *, int *); extern void rx_print(register const u_char *, int, int, int, u_char *); 
@@ -331,8 +326,10 @@ netdissect_options *gndo; #define Cflag gndo->ndo_Cflag #define Aflag gndo->ndo_Aflag #define packettype gndo->ndo_packettype -#define espsecret gndo->ndo_espsecret #define tcpmd5secret gndo->ndo_tcpmd5secret #define Wflag gndo->ndo_Wflag #define WflagChars gndo->ndo_WflagChars #define Cflag_count gndo->ndo_Cflag_count +#define snaplen gndo->ndo_snaplen +#define snapend gndo->ndo_snapend + diff --git a/netdissect.h b/netdissect.h index 7533cfad..e0363b53 100644 --- a/netdissect.h +++ b/netdissect.h @@ -21,7 +21,7 @@ * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. * - * @(#) $Header: /tcpdump/master/tcpdump/netdissect.h,v 1.3 2004-04-02 06:52:06 guy Exp $ (LBL) + * @(#) $Header: /tcpdump/master/tcpdump/netdissect.h,v 1.4 2004-04-05 00:15:50 mcr Exp $ (LBL) */ #ifndef netdissect_h @@ -104,6 +104,9 @@ struct netdissect_options { const char *ndo_dltname; char *ndo_espsecret; + struct sa_list *ndo_sa_list_head; /* used by print-esp.c */ + struct sa_list *ndo_sa_default; + char *ndo_tcpmd5secret; /* TCP-MD5 secret key */ struct esp_algorithm *ndo_espsecret_xform; /* cache of decoded */ @@ -133,6 +136,10 @@ struct netdissect_options { int (*ndo_printf)(netdissect_options *, const char *fmt, ...); + void (*ndo_error)(netdissect_options *, + const char *fmt, ...); + void (*ndo_warning)(netdissect_options *, + const char *fmt, ...); }; #define PT_VAT 1 /* Visual Audio Tool */ @@ -204,11 +211,6 @@ extern const char *tok2str(const struct tok *, const char *, int); extern void wrapup(int); #if 0 -extern void error(netdissect_options *, const char *, ...) - __attribute__((noreturn, format (printf, 2, 3))); -extern void warning(netdissect_options *, const char *, ...) - __attribute__ ((format (printf, 2, 3))); - extern char *read_infile(netdissect_options *, char *); extern char *copy_argv(netdissect_options *, char **); #endif 
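Review bot: The new `snaplen` and `snapend` macros at the end of the interface.h hunk `@@ -331,8 +326,10 @@` take over two very common identifiers, so any local, parameter or struct member with those names in a file that includes interface.h is silently rewritten to `gndo->ndo_...`. The removed declaration described `snapend` as the pointer to the end of the current packet, so printers that still use the bare name now take their bounds from the global instance while print-esp.c reads `ndo->ndo_snapend`; the two agree only while the `ndo` passed in is `gndo`. A comment above the two defines would record that, e.g. `/* compatibility: un-converted printers reach snaplen/snapend through the global gndo */`.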
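Review bot: The `ndo_error` and `ndo_warning` members added in the netdissect.h hunk `@@ -133,6 +136,10 @@` carry neither the `noreturn` nor the `format (printf, 2, 3)` attribute that the prototypes removed from the `#if 0` block further down had, so the compiler no longer checks format arguments at the new `(*ndo->ndo_warning)(ndo, "... %s\n", ...)` call sites in print-esp.c. The missing no-return contract matters as well: `esp_print_addsa` calls `(*ndo->ndo_error)` on a failed `malloc` and then runs `*nsa = *sa;` unconditionally, which is safe only if every implementation exits the way the one in tcpdump.c does. I would append `__attribute__((noreturn, format (printf, 2, 3)))` to `ndo_error` and `__attribute__((format (printf, 2, 3)))` to `ndo_warning`, behind whatever compiler guard the project uses, and state in a comment on the member that `ndo_error` must not return. The same applies to the static prototypes added in tcpdump.c.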
@@ -230,6 +232,9 @@ extern const char *dnnum_string(netdissect_options *, u_short); extern void eap_print(netdissect_options *,const u_char *, u_int); +extern int esp_print(netdissect_options *, + register const u_char *bp, register const u_char *bp2, + int *nhdr, int *padlen); #if 0 extern void ascii_print_with_offset(netdissect_options *, const u_char *, @@ -356,9 +361,6 @@ extern void udp_print(netdissect_options *,const u_char *, u_int, extern void wb_print(netdissect_options *,const void *, u_int); extern int ah_print(netdissect_options *,register const u_char *, register const u_char *); -extern int esp_print(netdissect_options *, - register const u_char *bp, register const u_char *bp2, - int *nhdr, int *padlen); extern void esp_print_decodesecret(netdissect_options *ndo); extern void isakmp_print(netdissect_options *,const u_char *, u_int, const u_char *); diff --git a/print-esp.c b/print-esp.c index 519bfc35..96e97c87 100644 --- a/print-esp.c +++ b/print-esp.c @@ -23,7 +23,7 @@ #ifndef lint static const char rcsid[] _U_ = - "@(#) $Header: /tcpdump/master/tcpdump/print-esp.c,v 1.49 2004-03-25 03:31:25 mcr Exp $ (LBL)"; + "@(#) $Header: /tcpdump/master/tcpdump/print-esp.c,v 1.50 2004-04-05 00:15:51 mcr Exp $ (LBL)"; #endif #ifdef HAVE_CONFIG_H @@ -54,7 +54,7 @@ static const char rcsid[] _U_ = extern char *strsep(char **stringp, const char *delim); /* Missing/strsep.c */ #endif -#include "interface.h" +#include "netdissect.h" #include "addrtoname.h" #include "extract.h" @@ -83,10 +83,8 @@ struct sa_list { int secretlen; }; -static struct sa_list *sa_list_head = NULL; -static struct sa_list *sa_default = NULL; - -static void esp_print_addsa(struct sa_list *sa, int sa_def) +static void esp_print_addsa(netdissect_options *ndo, + struct sa_list *sa, int sa_def) { /* copy the "sa" */ 
@@ -94,19 +92,19 @@ static void esp_print_addsa(struct sa_list *sa, int sa_def) nsa = (struct sa_list *)malloc(sizeof(struct sa_list)); if (nsa == NULL) - error("ran out of memory to allocate sa structure"); + (*ndo->ndo_error)(ndo, "ran out of memory to allocate sa structure"); *nsa = *sa; if (sa_def) - sa_default = nsa; + ndo->ndo_sa_default = nsa; - nsa->next = sa_list_head; - sa_list_head = nsa; + nsa->next = ndo->ndo_sa_list_head; + ndo->ndo_sa_list_head = nsa; } -static int hexdigit(char hex) +static int hexdigit(netdissect_options *ndo, char hex) { if (hex >= '0' && hex <= '9') return (hex - '0'); @@ -115,16 +113,16 @@ static int hexdigit(char hex) else if (hex >= 'a' && hex <= 'f') return (hex - 'a' + 10); else { - printf("invalid hex digit %c in espsecret\n", hex); + (*ndo->ndo_error)(ndo, "invalid hex digit %c in espsecret\n", hex); return 0; } } -static int hex2byte(char *hexstring) +static int hex2byte(netdissect_options *ndo, char *hexstring) { int byte; - byte = (hexdigit(hexstring[0]) << 4) + hexdigit(hexstring[1]); + byte = (hexdigit(ndo, hexstring[0]) << 4) + hexdigit(ndo, hexstring[1]); return byte; } @@ -135,7 +133,7 @@ static int hex2byte(char *hexstring) * causes us to go read from this file instead. * */ -static void esp_print_decode_onesecret(char *line) +static void esp_print_decode_onesecret(netdissect_options *ndo, char *line) { struct sa_list sa1; int sa_def; @@ -177,7 +175,7 @@ static void esp_print_decode_onesecret(char *line) if (fileline[0] == '#') continue; if (fileline[0] == '\0') continue; - esp_print_decode_onesecret(fileline); + esp_print_decode_onesecret(ndo, fileline); } fclose(secretfile); @@ -196,7 +194,7 @@ static void esp_print_decode_onesecret(char *line) spino = strtoul(spistr, &foo, 0); if (spistr == foo || !spikey) { - printf("print_esp: failed to decode spi# %s\n", foo); + (*ndo->ndo_warning)(ndo, "print_esp: failed to decode spi# %s\n", foo); return; } 
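Review bot: `hexdigit` in hunk `@@ -115,16 +113,16 @@` now reports a bad character through `ndo_error`, which in tcpdump.c ends in `exit(1)`, while every other parse failure in `esp_print_decode_onesecret` uses `ndo_warning` and returns. The `return 0;` left after the call is dead under that implementation, and under one that does return it still folds a zero nibble into the key, giving a key the user never specified. Because `esp_print` decodes the secret lazily when `ndo_sa_list_head` is NULL, a typo in the secret would end the capture when the first ESP packet is printed rather than at option parsing. Consider having `hexdigit` return -1 so that the caller can warn and drop that SA, consistent with the other error paths.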
@@ -218,7 +216,7 @@ static void esp_print_decode_onesecret(char *line) #endif sin->sin_family = AF_INET; } else { - printf("print_esp: can not decode IP# %s\n", spikey); + (*ndo->ndo_warning)(ndo, "print_esp: can not decode IP# %s\n", spikey); return; } } @@ -229,7 +227,6 @@ static void esp_print_decode_onesecret(char *line) int len; size_t i; const EVP_CIPHER *evp; - int ivlen = 8; int authlen = 0; /* skip any blank spaces */ @@ -238,7 +235,7 @@ static void esp_print_decode_onesecret(char *line) colon = strchr(decode, ':'); if (colon == NULL) { - printf("failed to decode espsecret: %s\n", decode); + (*ndo->ndo_warning)(ndo, "failed to decode espsecret: %s\n", decode); return; } *colon = '\0'; @@ -258,7 +255,7 @@ static void esp_print_decode_onesecret(char *line) } evp = EVP_get_cipherbyname(decode); if (!evp) { - printf("failed to find cipher algo %s\n", decode); + (*ndo->ndo_warning)(ndo, "failed to find cipher algo %s\n", decode); sa1.evp = NULL; sa1.authlen = 0; sa1.ivlen = 0; @@ -267,7 +264,7 @@ static void esp_print_decode_onesecret(char *line) sa1.evp = evp; sa1.authlen = authlen; - sa1.ivlen = ivlen; + sa1.ivlen = EVP_CIPHER_iv_length(evp); colon++; if (colon[0] == '0' && colon[1] == 'x') { @@ -276,13 +273,13 @@ static void esp_print_decode_onesecret(char *line) len = strlen(colon) / 2; if (len > 256) { - printf("secret is too big: %d\n", len); + (*ndo->ndo_warning)(ndo, "secret is too big: %d\n", len); return; } i = 0; while (colon[0] != '\0' && colon[1]!='\0') { - espsecret_key[i] = hex2byte(colon); + espsecret_key[i] = hex2byte(ndo, colon); colon += 2; i++; } 
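Review bot: The warning in hunk `@@ -238,7 +235,7 @@` prints `decode`, which at that point appears to be the still-unsplit `cipher:key` text; when the colon is simply missing, that text can contain the key bytes, and the message now goes to stderr through `ndo_warning`. I would not echo the string there and would use a fixed message instead, e.g. `(*ndo->ndo_warning)(ndo, "failed to decode espsecret: missing ':' after cipher name");`. The enclosing block of `esp_print_decode_onesecret` starts and ends outside the hunk.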
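Review bot: `sa1.ivlen = EVP_CIPHER_iv_length(evp);` in hunk `@@ -267,7 +264,7 @@` makes the IV length follow the cipher named in the secret entry instead of the constant supplied by the removed `int ivlen = 8;`, so it can now be larger than 8 or zero. The code in `esp_print` that steps past the IV is outside these hunks; it should be confirmed that it checks the end of the IV against `ep` before decrypting. A comment on the assignment would record the dependency, e.g. `/* IV size follows the cipher; esp_print must bound it against ndo_snapend */`.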
@@ -302,28 +299,28 @@ static void esp_print_decode_onesecret(char *line) } } - esp_print_addsa(&sa1, sa_def); + esp_print_addsa(ndo, &sa1, sa_def); } -static void esp_print_decodesecret(void) +static void esp_print_decodesecret(netdissect_options *ndo) { char *line; char *p; - p = espsecret; + p = ndo->ndo_espsecret; - while (espsecret && espsecret[0] != '\0') { + while (ndo->ndo_espsecret && ndo->ndo_espsecret[0] != '\0') { /* pick out the first line or first thing until a comma */ - if ((line = strsep(&espsecret, "\n,")) == NULL) { - line = espsecret; - espsecret = NULL; + if ((line = strsep(&ndo->ndo_espsecret, "\n,")) == NULL) { + line = ndo->ndo_espsecret; + ndo->ndo_espsecret = NULL; } - esp_print_decode_onesecret(line); + esp_print_decode_onesecret(ndo, line); } } -static void esp_init(void) +static void esp_init(netdissect_options *ndo _U_) { OpenSSL_add_all_algorithms(); @@ -332,7 +329,8 @@ static void esp_init(void) #endif int -esp_print(const u_char *bp, const u_char *bp2 +esp_print(netdissect_options *ndo, + const u_char *bp, const u_char *bp2 #ifndef HAVE_LIBCRYPTO _U_ #endif @@ -375,7 +373,7 @@ esp_print(const u_char *bp, const u_char *bp2 advance = 0; if (!initialized) { - esp_init(); + esp_init(ndo); initialized = 1; } #endif 
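Review bot: `esp_print_decodesecret` in hunk `@@ -302,28 +299,28 @@` parses with `strsep(&ndo->ndo_espsecret, "\n,")`, so it overwrites the delimiters in the caller's string and leaves `ndo->ndo_espsecret` NULL once the last entry is consumed. That side effect is easy to miss now that the field belongs to a shared options structure, and the local `p` that saves the original pointer is never used in the visible lines. I would either iterate over `p` and leave the field intact, or add a comment such as `/* consumes ndo_espsecret in place; the field is NULL after parsing */`. The `== NULL` branch after `strsep` also looks unreachable, because the loop condition already guarantees a non-NULL, non-empty string.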
@@ -386,28 +384,27 @@ esp_print(const u_char *bp, const u_char *bp2 #endif /* 'ep' points to the end of available data. */ - ep = snapend; + ep = ndo->ndo_snapend; if ((u_char *)(esp + 1) >= ep) { fputs("[|ESP]", stdout); goto fail; } - printf("ESP(spi=0x%08x", EXTRACT_32BITS(&esp->esp_spi)); - printf(",seq=0x%x", EXTRACT_32BITS(&esp->esp_seq)); - printf(")"); + (*ndo->ndo_printf)(ndo, "ESP(spi=0x%08x", EXTRACT_32BITS(&esp->esp_spi)); + (*ndo->ndo_printf)(ndo, ",seq=0x%x)", EXTRACT_32BITS(&esp->esp_seq)); #ifndef HAVE_LIBCRYPTO goto fail; #else /* initiailize SAs */ - if (sa_list_head == NULL) { - if (!espsecret) + if (ndo->ndo_sa_list_head == NULL) { + if (!ndo->ndo_espsecret) goto fail; - esp_print_decodesecret(); + esp_print_decodesecret(ndo); } - if (sa_list_head == NULL) + if (ndo->ndo_sa_list_head == NULL) goto fail; ip = (struct ip *)bp2; @@ -422,7 +419,7 @@ esp_print(const u_char *bp, const u_char *bp2 len = sizeof(struct ip6_hdr) + EXTRACT_16BITS(&ip6->ip6_plen); /* see if we can find the SA, and if so, decode it */ - for (sa = sa_list_head; sa != NULL; sa = sa->next) { + for (sa = ndo->ndo_sa_list_head; sa != NULL; sa = sa->next) { struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&sa->daddr; if (sa->spi == ntohl(esp->esp_spi) && sin6->sin6_family == AF_INET6 && @@ -440,7 +437,7 @@ esp_print(const u_char *bp, const u_char *bp2 len = EXTRACT_16BITS(&ip->ip_len); /* see if we can find the SA, and if so, decode it */ - for (sa = sa_list_head; sa != NULL; sa = sa->next) { + for (sa = ndo->ndo_sa_list_head; sa != NULL; sa = sa->next) { struct sockaddr_in *sin = (struct sockaddr_in *)&sa->daddr; if (sa->spi == ntohl(esp->esp_spi) && sin->sin_family == AF_INET && @@ -457,7 +454,7 @@ esp_print(const u_char *bp, const u_char *bp2 * an unspecified one. */ if (sa == NULL) - sa = sa_default; + sa = ndo->ndo_sa_default; /* if not found fail */ if (sa == NULL) 
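Review bot: The truncation marker in hunk `@@ -386,28 +384,27 @@` is still written with `fputs("[|ESP]", stdout);` while the lines just below it were moved to `(*ndo->ndo_printf)`, so output from `esp_print` is split between the caller-supplied printer and stdout. Suggest `(*ndo->ndo_printf)(ndo, "[|ESP]");` for the truncated case. The later `(ndo->ndo_printf)(ndo, ": ");` is spelled without the `*` used everywhere else in the file; it would read better with one form throughout. `esp_print` starts and ends outside this hunk.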
@@ -479,7 +476,7 @@ esp_print(const u_char *bp, const u_char *bp2 if (sa->evp) { memset(&ctx, 0, sizeof(ctx)); if (EVP_CipherInit(&ctx, sa->evp, secret, NULL, 0) < 0) - printf("espkey init failed"); + (*ndo->ndo_warning)(ndo, "espkey init failed"); blocksz = EVP_CIPHER_CTX_block_size(&ctx); @@ -501,10 +498,17 @@ esp_print(const u_char *bp, const u_char *bp2 if (nhdr) *nhdr = *(ep - 1); - printf(": "); + (ndo->ndo_printf)(ndo, ": "); return advance; #endif fail: return -1; } + +/* + * Local Variables: + * c-style: whitesmith + * c-basic-offset: 8 + * End: + */ diff --git a/print-ip.c b/print-ip.c index 97ce83a5..e0e9d2db 100644 --- a/print-ip.c +++ b/print-ip.c @@ -21,7 +21,7 @@ #ifndef lint static const char rcsid[] _U_ = - "@(#) $Header: /tcpdump/master/tcpdump/print-ip.c,v 1.135 2004-03-24 09:00:08 guy Exp $ (LBL)"; + "@(#) $Header: /tcpdump/master/tcpdump/print-ip.c,v 1.136 2004-04-05 00:15:51 mcr Exp $ (LBL)"; #endif #ifdef HAVE_CONFIG_H @@ -505,7 +505,7 @@ again: case IPPROTO_ESP: { int enh, padlen; - advance = esp_print(cp, (const u_char *)ip, &enh, &padlen); + advance = esp_print(gndo, cp, (const u_char *)ip, &enh, &padlen); if (advance <= 0) break; cp += advance; diff --git a/print-ip6.c b/print-ip6.c index 87364717..3dc188e5 100644 --- a/print-ip6.c +++ b/print-ip6.c @@ -21,7 +21,7 @@ #ifndef lint static const char rcsid[] _U_ = - "@(#) $Header: /tcpdump/master/tcpdump/print-ip6.c,v 1.40 2003-11-24 20:30:52 guy Exp $"; + "@(#) $Header: /tcpdump/master/tcpdump/print-ip6.c,v 1.41 2004-04-05 00:15:51 mcr Exp $"; #endif #ifdef HAVE_CONFIG_H @@ -149,7 +149,7 @@ ip6_print(register const u_char *bp, register u_int length) case IPPROTO_ESP: { int enh, padlen; - advance = esp_print(cp, (const u_char *)ip6, &enh, &padlen); + advance = esp_print(gndo, cp, (const u_char *)ip6, &enh, &padlen); nh = enh & 0xff; len -= padlen; break; diff --git a/tcpdump.c b/tcpdump.c index 2fe89cd4..a93699af 100644 --- a/tcpdump.c +++ b/tcpdump.c 
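Review bot: The `EVP_CipherInit(...) < 0` test that guards the new warning in hunk `@@ -479,7 +476,7 @@` does not match OpenSSL's convention of returning 1 on success and 0 on failure, so a failed initialisation is never reported. Even when the warning does fire, execution continues to `EVP_CIPHER_CTX_block_size(&ctx)` and the decryption that follows with a context that was not set up. Suggest `if (EVP_CipherInit(&ctx, sa->evp, secret, NULL, 0) <= 0) { (*ndo->ndo_warning)(ndo, "espkey init failed"); goto fail; }`. The surrounding block lies outside the hunk, so check that nothing needs releasing before the jump.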
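Review bot: In the print-ip6.c hunk `@@ -149,7 +149,7 @@` the ESP case reads `enh` and `padlen` right after the call, `nh = enh & 0xff; len -= padlen;`, without testing `advance`, whereas the print-ip.c hunk breaks out on `advance <= 0`. The visible tail of `esp_print` stores `*nhdr` only on the success path and returns -1 at `fail:`, so on failure these locals may be read uninitialised unless the part of `esp_print` outside the hunks sets them earlier. Declaring them as `int enh = 0, padlen = 0;` or adding `if (advance <= 0) break;` before the two uses would close that gap.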
@@ -30,7 +30,7 @@ static const char copyright[] _U_ = "@(#) Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997, 2000\n\ The Regents of the University of California. All rights reserved.\n"; static const char rcsid[] _U_ = - "@(#) $Header: /tcpdump/master/tcpdump/tcpdump.c,v 1.239 2004-03-30 14:42:40 mcr Exp $ (LBL)"; + "@(#) $Header: /tcpdump/master/tcpdump/tcpdump.c,v 1.240 2004-04-05 00:15:52 mcr Exp $ (LBL)"; #endif /* @@ -107,6 +107,8 @@ static void print_packet(u_char *, const struct pcap_pkthdr *, const u_char *); static void dump_packet_and_trunc(u_char *, const struct pcap_pkthdr *, const u_char *); static void dump_packet(u_char *, const struct pcap_pkthdr *, const u_char *); static void droproot(const char *, const char *); +static void ndo_error(netdissect_options *ndo, const char *fmt, ...); +static void ndo_warning(netdissect_options *ndo, const char *fmt, ...); #ifdef SIGINFO RETSIGTYPE requestinfo(int); @@ -123,9 +125,6 @@ RETSIGTYPE requestinfo(int); static void info(int); static u_int packets_captured; -/* Length of saved portion of packet. */ -int snaplen = DEFAULT_SNAPLEN; - typedef u_int (*if_printer)(const struct pcap_pkthdr *, const u_char *); struct printer { @@ -418,6 +417,9 @@ main(int argc, char **argv) gndo->ndo_tflag=1; gndo->ndo_dlt=-1; gndo->ndo_printf=tcpdump_printf; + gndo->ndo_error=ndo_error; + gndo->ndo_warning=ndo_warning; + gndo->ndo_snaplen = DEFAULT_SNAPLEN; cnt = -1; device = NULL; @@ -503,7 +505,7 @@ main(int argc, char **argv) #ifndef HAVE_LIBCRYPTO warning("crypto code not compiled in"); #endif - espsecret = optarg; + gndo->ndo_espsecret = optarg; break; case 'f': 
@@ -1301,3 +1303,42 @@ usage(void) "\t\t[ expression ]\n"); exit(1); } + + + +/* VARARGS */ +void +ndo_error(netdissect_options *ndo _U_, const char *fmt, ...) +{ + va_list ap; + + (void)fprintf(stderr, "%s: ", program_name); + va_start(ap, fmt); + (void)vfprintf(stderr, fmt, ap); + va_end(ap); + if (*fmt) { + fmt += strlen(fmt); + if (fmt[-1] != '\n') + (void)fputc('\n', stderr); + } + exit(1); + /* NOTREACHED */ +} + +/* VARARGS */ +void +ndo_warning(netdissect_options *ndo _U_, const char *fmt, ...) +{ + va_list ap; + + (void)fprintf(stderr, "%s: WARNING: ", program_name); + va_start(ap, fmt); + (void)vfprintf(stderr, fmt, ap); + va_end(ap); + if (*fmt) { + fmt += strlen(fmt); + if (fmt[-1] != '\n') + (void)fputc('\n', stderr); + } +} +
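Review bot: `ndo_error` and `ndo_warning` are declared `static` near the top of tcpdump.c but defined here without the keyword; that is legal, but repeating `static` on the definitions would make the linkage obvious at the point of definition. The `/* VARARGS */` comments say nothing about behaviour, so I would replace them with a short header, for example `/* Print "program_name: " and the formatted message to stderr, add a newline if missing, then exit(1). */` for `ndo_error`, and the non-exiting equivalent with the `WARNING: ` prefix for `ndo_warning`. Stating that `ndo_error` never returns matters because callers in print-esp.c continue past the call as if it cannot.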